Clarify parse helpers in docs

Jim8y · Jim8y · commit 0b46a15bb7ca · 2025-11-11T09:38:26.000+08:00
diff --git a/docs/security/security-best-practices.md b/docs/security/security-best-practices.md
@@ -111,7 +111,7 @@ public class RoleBasedContract : SmartContract
 ```
 
 > **Note**  
-> When a script hash originates from runtime data, convert the value with `UInt160.Parse` (or cast from a validated byte array) before you return it. This keeps return statements strongly typed and prevents the NC4032 ReturnValueTypeAnalyzer from flagging implicit string conversions.
+> When a script hash or key originates from runtime data, convert the value with `UInt160.Parse`, `UInt256.Parse`, or `ECPoint.Parse` (or cast from a validated byte array) before you return it. This keeps return statements strongly typed and prevents the NC4032 ReturnValueTypeAnalyzer from flagging implicit string conversions.
 
 ### Multi-Signature Security
 
diff --git a/docs/security/security-testing.md b/docs/security/security-testing.md
@@ -117,7 +117,7 @@ public class SecurityTestAccounts
 ```
 
 > **Note**  
-> The same `UInt160.Parse` helper is available inside contracts, so your tests can mimic the strongly typed returns enforced by analyzer NC4032.
+> The same `UInt160/UInt256/ECPoint.Parse` helpers are available inside contracts, so your tests can mimic the strongly typed returns enforced by analyzer NC4032.
 
 ## Unit Testing for Security
 
